CN109947077A - A kind of kinetic control system network attack discrimination method based on intermediate sight device - Google Patents
A kind of kinetic control system network attack discrimination method based on intermediate sight device Download PDFInfo
- Publication number
- CN109947077A CN109947077A CN201910196655.3A CN201910196655A CN109947077A CN 109947077 A CN109947077 A CN 109947077A CN 201910196655 A CN201910196655 A CN 201910196655A CN 109947077 A CN109947077 A CN 109947077A
- Authority
- CN
- China
- Prior art keywords
- matrix
- indicate
- indicates
- control system
- attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Feedback Control In General (AREA)
Abstract
A kind of kinetic control system network attack discrimination method based on intermediate sight device, includes the following steps: to model kinetic control system;Obtain system state space equation;Construct intermediate sight device;And the gain of intermediate sight device is solved by MATRIX INEQUALITIES;Attack is estimated finally by intermediate sight device.Method of the invention considers kinetic control system, and there is a phenomenon where network attacks, and the present invention is not limited solely to this example, while its estimated result can satisfy the precision and requirement of real-time of practical application.
Description
Technical field
The invention belongs to technical field of network security, and in particular to a kind of kinetic control system net based on intermediate sight device
Network attacks discrimination method, it can carry out real-time estimation to attack, assesses for system trend, ensures its safe operation.
Background technique
Currently, industrial control system (industrial control system) and Internet of Things, internet show depth
The situation of fusion, this had both greatly improved the intelligence of industrial control system, the level of informatization, had also caused a series of new
Security challenge.It emerges one after another for all kinds of novel attack technologies and means of ICS, it is steady to national security, economic development and society
It is fixed etc. to produce the great attention for seriously affecting and causing countries in the world government.
For the security threat being subject to, ICS uses Intrusion Detection Technique supervisory control system running state, finds suspicious row in real time
To take counter-measure in time convenient for Security Officer, resisting the core skill that known and unknown attack intrusion detection is systemic defence
Art, numerous protection techniques implementation depend on Intrusion Detection Technique efficiency, i.e., whether can find in real time intrusion behavior however
ICS has the particularity such as high, resource-constrained, the update difficulty of real-time, leads to traditional intruding detection system (intrusion
Detection system) it not can be used directly the in ICS
Existing most of detection methods are all based on so-called observer matching condition, this carrys out many real systems
Say it is implacable.Robust estimation method is widely studied and applied because not having observer matching condition,
But these methods are all based on performance optimization, the disadvantage is that the range of evaluated error can not clearly be obtained by theory analysis.
Summary of the invention
Based on the above issues, the kinetic control system network attack identification based on intermediate sight device that the present invention provides a kind of
Method constructs an intermediate sight device and carrys out estimated state and attack simultaneously, and prove specifically, introducing an intermediate variable
The state of error system is uniform ultimate bounded.
The present invention provides following solution to solve above-mentioned technical problem:
A kind of kinetic control system network attack discrimination method based on intermediate sight device, comprising the following steps:
Step 1) establishes kinetic control system transmission function:
By System Discrimination, determine shown in kinetic control system transmission function such as formula (1):
Wherein G (s) is the transmission function of kinetic control system, K, TsTo pick out the parameter come;
Step 2) establishes kinetic control system state equation and output equation, comprising the following steps:
2.1) in kinetic control system, attack f is added, therefore shown in kinetic control system state equation such as formula (2):
Wherein A is the state matrix of system, and B is input matrix, and x indicates system state amount, and g indicates the not true of model
Qualitative or interference, u are system input, and E is attack gain, and f is attack;
2.2) shown in the output equation of kinetic control system such as formula (3):
Y (t)=Cx (t) (3)
Wherein y indicates system output quantity, and x indicates system state amount, and C indicates output matrix;
Step 3), building intermediate sight device the following steps are included:
3.1) shown in design intermediate variable such as formula (4):
ε (t)=f (t)-ω ETx(t) (4)
The wherein transposition of subscript " T " representing matrix, ε indicate that intermediate variable, f indicate attack, and x indicates system state amount, E table
Show attack gain, ω tuning parameter;
3.2) it is based on intermediate variable, shown in design intermediate sight device such as formula (5):
The wherein transposition of subscript " T " representing matrix,Indicate the estimated value of system state amount x,Indicate estimating for intermediate variable ε
Evaluation,Indicate the estimated value of attack f,Indicate the estimated value of disturbance g,Indicate the estimated value of output y, A indicates state transfer
Matrix, u are system input, and B indicates that input matrix, L indicate the intermediate sight device gain for needing to design, and C indicates output matrix, ω
Tuning parameter, E are attack gain;
Step 4) designs and solves the gain of intermediate sight device by MATRIX INEQUALITIES, comprising the following steps:
4.1) matrix is constructed, as shown in formula (6):
Wherein * indicates that symmetry elements, P indicate that positive definite matrix to be solved, H indicate that matrix to be solved, δ indicate that band solves
Scalar, A indicate that state-transition matrix, C indicate that output matrix, ω are excellent parameter of setting the tone, and B indicates that input matrix, ε are to calibration
Amount, I indicate unit matrix, lgFor Lipschitzian constant, Π11、Π12And Π22It indicates intermediary matrix, is respectively as follows:
Π12=PE- ω2δEETE-ωδATE
4.2) solution matrix inequality Π < 0 obtains P, H, shown in intermediate sight device gain L such as formula (7):
L=P-1H (7)
Wherein subscript " -1 " representing matrix is inverse, to realize the real-time estimation to attack f by intermediate sight device (5).
Working principle of the present invention is as follows: first kinetic control system is modeled;Obtain the state of kinetic control system
Spatial model;It considers further that the network attack in system, constructs intermediate sight device, real-time estimation is carried out to it.
Beneficial effects of the present invention are shown: solving observer gain L by MATRIX INEQUALITIES, configuration intermediate sight device comes
It realizes and real-time estimation is carried out to attack f, compared with prior art, beneficial effects of the present invention are as follows: not matched item by observer
The limitation of part, it can carry out real-time estimation to attack, assess for system trend, ensure its safe operation.Estimated result can expire
The precision and requirement of real-time of sufficient practical application, and required relevant parameter can be measured by the sensor of low cost.
Detailed description of the invention
Fig. 1 is networking Motion Control Platform structural schematic diagram;
Fig. 2 is to attackExperimental result;
Fig. 3 is to attackReal-time estimation Error Graph;
Fig. 4 is the experimental result to attack f=4*sin (10* π * t/180);
Real-time estimation Error Graph of the Fig. 5 to attack f=4*sin (10* π * t/180).
Specific embodiment
To be more clear the object, technical solutions and advantages of the present invention, with reference to the accompanying drawing with actual experiment to this hair
Bright technical solution is further described.
Referring to Fig.1~Fig. 5, a kind of kinetic control system network attack discrimination method based on intermediate sight device, work
Principle is as follows: determining the transmission function of kinetic control system;Establish kinetic control system state equation and output equation;Further
Attack in consideration system constructs intermediate sight device, carries out real-time estimation to it.
A kind of kinetic control system network attack discrimination method based on intermediate sight device, comprising the following steps:
1) kinetic control system transmission function is determined;
2) kinetic control system state equation and output equation are established;
3) intermediate sight device is constructed;
4) it designs and passes through MATRIX INEQUALITIES and solve the gain of intermediate sight device.
Further, in step 1), kinetic control system transmission function is determined:
1) it by System Discrimination, determines shown in kinetic control system transmission function such as formula (1):
Wherein.K=0.08373, Ts=0.02433.
Further, in the step 2), kinetic control system state equation and output equation, including following step are established
It is rapid:
2.1) in kinetic control system, attack f is added, therefore shown in kinetic control system state equation such as formula (2):
Wherein x indicates system state amount, state-transition matrixDisturb g=[0.1sin (k)
0]T, it is reference input, k=0.5963, input matrix B=[1 0] that system, which inputs u (t)=- ky (t)+v, v,T, attack gain E
=[0 2.94]T, f expression attack.
2.2) shown in the output equation of kinetic control system such as formula (3):
Y (t)=Cx (t) (3)
Wherein y indicates system output quantity, and x indicates system state amount, and C indicates output matrix.
Further, in the step 3), building intermediate sight device the following steps are included:
3.1) shown in design intermediate variable such as formula (4):
ε (t)=f (t)-ω ETx(t) (4)
The wherein transposition of subscript " T " representing matrix, ε indicate that intermediate variable, f indicate attack, and x indicates system state amount, attacks
Hit gain E=[0 2.94]T, ω tuning parameter;
3.2) it is based on intermediate variable, shown in design intermediate sight device such as formula (5):
The wherein transposition of subscript " T " representing matrix,Indicate the estimated value of system state amount x,Indicate estimating for intermediate variable ε
Evaluation,Indicate the estimated value of attack f,Indicate the estimated value of disturbance g, state-transition matrixSystem
System input u (t)=- ky (t)+v, v are reference input, k=0.5963, input matrix B=[1 0]T, L indicates to need to design
Intermediate sight device gain, output matrix C=[0 3.4413], ω tuning parameter are attacked gain E=[0 2.94]T。
In the step 4), designs and the gain of intermediate sight device is solved by MATRIX INEQUALITIES, comprising the following steps:
4.1) matrix is constructed, as shown in formula (6):
Wherein * indicates that symmetry elements, P indicate that positive definite matrix to be solved, H indicate that matrix to be solved, δ indicate that band solves
Scalar, state-transition matrixOutput matrix C=[0 3.4413] gives tuning parameter ω=5, defeated
Enter matrix B=[1 0]T, scalar ε=1 is given, I indicates unit matrix, Lipschitzian constant lg=0.1, Π11、Π12With
Π22It indicates intermediary matrix, is respectively as follows:
Π12=PE- ω2δEETE-ωδATE
4.2) solution matrix inequality Π < 0, obtains:
With H=[1.9644 83.4458]T, the transposition of subscript " T " representing matrix;
Shown in intermediate sight device gain L such as formula (7):
L=P-1H (7)
Therefore intermediate sight device gain L=[5.7219 12.6764] is obtainedT.To by intermediate sight device (5) realization pair
Attack the real-time estimation of f.
From experimental result as can be seen that the present invention it can accurately to attack carry out real-time estimation, be system trend
Assessment, ensures its safety.Running its result can satisfy the precision and requirement of real-time of practical application, and required related ginseng
Number can be measured by the sensor of low cost.
Embodiments of the present invention are described with reference to the accompanying drawings and be set forth above, but are not limited to aforesaid way.?
Those skilled in the art within the scope of knowledge, as long as a variety of changes can also be made based on design of the invention
Change and improves.
Claims (1)
1. a kind of kinetic control system network attack discrimination method based on intermediate sight device, which is characterized in that the method packet
Include following steps:
Step 1) determines kinetic control system transmission function:
By System Discrimination, determine shown in kinetic control system transmission function such as formula (1):
Wherein G (s) is the transmission function of kinetic control system, K, TsTo pick out the parameter come;
In step 2), kinetic control system state equation and output equation are established, comprising the following steps:
2.1) in kinetic control system, attack f is added, therefore shown in kinetic control system state equation such as formula (2):
Wherein A is the state matrix of system, and B is input matrix, and x indicates system state amount, and g indicates the uncertainty of model
Or interference, u are system input, E is attack gain, and f is attack;
2.2) shown in kinetic control system output equation such as formula (3):
Y (t)=Cx (t) (3)
Wherein y indicates system output quantity, and x indicates system state amount, and C indicates output matrix;
In step 3), intermediate sight device is constructed, comprising the following steps:
3.1) shown in design intermediate variable such as formula (4):
ε (t)=f (t)-ω ETx(t) (4)
The wherein transposition of subscript " T " representing matrix, ε indicate that intermediate variable, f indicate attack, and x indicates system state amount, and E expression is attacked
Hit gain, ω tuning parameter;
3.2) it is based on intermediate variable, shown in design intermediate sight device such as formula (5):
The wherein transposition of subscript " T " representing matrix,Indicate the estimated value of system state amount x,Indicate the estimation of intermediate variable ε
Value,Indicate the estimated value of attack f,Indicate the estimated value of disturbance g,Indicate the estimated value of output y, A indicates that state shifts square
Battle array, u are system input, and B indicates that input matrix, L indicate the intermediate variable estimator gain for needing to design, and C indicates output matrix,
ω tuning parameter, E are attack gain;
In step 4), designs and the gain of intermediate sight device is solved by MATRIX INEQUALITIES, comprising the following steps:
4.1) matrix is constructed, as shown in formula (6):
Wherein * indicates that symmetry elements, P indicate that positive definite matrix to be solved, H indicate that matrix to be solved, δ indicate that band solves mark
Amount, A indicate that state-transition matrix, C indicate that output matrix, ω are excellent parameter of setting the tone, and B indicates that input matrix, ε are given scalar, I
Indicate unit matrix, lgFor Lipschitzian constant, П11、П12And Π22It indicates intermediary matrix, is respectively as follows:
Π12=PE- ω2δEETE-ωδATE
4.2) solution matrix inequality Π < 0, obtains P1, P2, shown in H and ε, intermediate sight device gain L such as formula (7):
L=P-1H (7)
Wherein subscript " -1 " representing matrix is inverse, to realize the real-time estimation to attack f by intermediate sight device (5).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910196655.3A CN109947077A (en) | 2019-03-13 | 2019-03-13 | A kind of kinetic control system network attack discrimination method based on intermediate sight device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910196655.3A CN109947077A (en) | 2019-03-13 | 2019-03-13 | A kind of kinetic control system network attack discrimination method based on intermediate sight device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109947077A true CN109947077A (en) | 2019-06-28 |
Family
ID=67008910
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910196655.3A Pending CN109947077A (en) | 2019-03-13 | 2019-03-13 | A kind of kinetic control system network attack discrimination method based on intermediate sight device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109947077A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110535822A (en) * | 2019-07-04 | 2019-12-03 | 浙江工业大学 | A kind of multiple sensor attack discrimination method of network motion control systems |
| CN110531616A (en) * | 2019-07-29 | 2019-12-03 | 浙江工业大学 | A kind of network motion control systems under coloured noise attack discrimination method |
| CN110580035A (en) * | 2019-09-02 | 2019-12-17 | 浙江工业大学 | motion control system fault identification method under sensor saturation constraint |
| CN110579963A (en) * | 2019-09-03 | 2019-12-17 | 浙江工业大学 | Networked motion control system state estimation method based on adaptive state observer |
| CN110647132A (en) * | 2019-08-28 | 2020-01-03 | 浙江工业大学 | Frequency domain partition attack detection method for networked motion control system |
| CN110708284A (en) * | 2019-08-30 | 2020-01-17 | 浙江工业大学 | Networked motion control system attack estimation method based on gradient descent algorithm |
| CN110794811A (en) * | 2019-11-07 | 2020-02-14 | 浙江工业大学 | Safety control method of networked motion control system with quantification |
| CN110989552A (en) * | 2019-11-25 | 2020-04-10 | 江南大学 | Fault estimation method of continuous stirred tank reactor system under network attack |
| CN111130106A (en) * | 2020-01-10 | 2020-05-08 | 浙江工业大学 | Attack detection method for multi-region power system |
-
2019
- 2019-03-13 CN CN201910196655.3A patent/CN109947077A/en active Pending
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110535822A (en) * | 2019-07-04 | 2019-12-03 | 浙江工业大学 | A kind of multiple sensor attack discrimination method of network motion control systems |
| CN110535822B (en) * | 2019-07-04 | 2022-04-08 | 浙江工业大学 | Multi-sensor attack identification method of networked motion control system |
| CN110531616A (en) * | 2019-07-29 | 2019-12-03 | 浙江工业大学 | A kind of network motion control systems under coloured noise attack discrimination method |
| CN110647132B (en) * | 2019-08-28 | 2021-02-26 | 浙江工业大学 | Frequency domain partition attack detection method for networked motion control system |
| CN110647132A (en) * | 2019-08-28 | 2020-01-03 | 浙江工业大学 | Frequency domain partition attack detection method for networked motion control system |
| CN110708284A (en) * | 2019-08-30 | 2020-01-17 | 浙江工业大学 | Networked motion control system attack estimation method based on gradient descent algorithm |
| CN110580035A (en) * | 2019-09-02 | 2019-12-17 | 浙江工业大学 | motion control system fault identification method under sensor saturation constraint |
| CN110579963A (en) * | 2019-09-03 | 2019-12-17 | 浙江工业大学 | Networked motion control system state estimation method based on adaptive state observer |
| CN110794811A (en) * | 2019-11-07 | 2020-02-14 | 浙江工业大学 | Safety control method of networked motion control system with quantification |
| CN110794811B (en) * | 2019-11-07 | 2021-02-26 | 浙江工业大学 | Safety control method of networked motion control system with quantification |
| CN110989552A (en) * | 2019-11-25 | 2020-04-10 | 江南大学 | Fault estimation method of continuous stirred tank reactor system under network attack |
| CN111130106A (en) * | 2020-01-10 | 2020-05-08 | 浙江工业大学 | Attack detection method for multi-region power system |
| CN111130106B (en) * | 2020-01-10 | 2024-04-12 | 浙江工业大学 | Attack detection method for multi-region power system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109947077A (en) | A kind of kinetic control system network attack discrimination method based on intermediate sight device | |
| CN113009825B (en) | Deception-attacked nonlinear networked system state estimation method | |
| Olufowobi et al. | Anomaly detection approach using adaptive cumulative sum algorithm for controller area network | |
| Yang et al. | Security evaluation of the cyber networks under advanced persistent threats | |
| CN103152345A (en) | Network safety optimum attacking and defending decision method for attacking and defending game | |
| CN113467332B (en) | Design method of event trigger controller of information physical system under denial of service attack | |
| CN110989552B (en) | Fault estimation method of continuous stirred tank reactor system under network attack | |
| CN109218090B (en) | Internet of things node trust degree evaluation method | |
| Xie et al. | Resisting web proxy-based http attacks by temporal and spatial locality behavior | |
| CA3006383A1 (en) | System and method for aiding decision | |
| Zhi-Jun et al. | MSABMS-based approach of detecting LDoS attack | |
| AU2021102261A4 (en) | Density-based distributed stochastic gradient federated learning algorithm to Byzantine attack | |
| CN112866281B (en) | Distributed real-time DDoS attack protection system and method | |
| CN109241736B (en) | Estimation method for attack of Internet of vehicles actuator and sensor | |
| CN107968776B (en) | Dynamic attack surface transformation method based on bidirectional control function | |
| Wen et al. | Observer-based H∞ PID control for discrete-time systems under hybrid cyber attacks | |
| Zhang et al. | Optimal decision-making approach for cyber security defense using game theory and intelligent learning | |
| Huang et al. | CCID: Cross-Correlation identity distinction method for detecting shrew DDoS | |
| CN110531616A (en) | A kind of network motion control systems under coloured noise attack discrimination method | |
| Qi et al. | Event-based attack against remote state estimation | |
| CN109274678A (en) | The estimation method of car networking malicious attack is directed under a kind of packet loss environment | |
| Nie et al. | A covert network attack detection method based on lstm | |
| CN110535822A (en) | A kind of multiple sensor attack discrimination method of network motion control systems | |
| Sun | Research on the optimization management of cloud privacy strategy based on evolution game | |
| AU2018101751A4 (en) | A distributed attack detection and information security sharing algorithm over multitask networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190628 |
|
| RJ01 | Rejection of invention patent application after publication |